DETAILED ACTION

1. Original application contained claims 1-20. Claims 2 and 15 have been 
canceled in an amendment filed on 11/04/2005. The amendment filed has been 
entered and made of record. Presently, pending claims are 1, 3-14 and 16-20. 

Continued Examination Under 37 CFR 1.114 

2. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
11/04/2005 has been entered. 

Response to Arguments 

3. Applicant's arguments with respect to instant claims have been fully considered 
but are moot in view of the new ground(s) of rejection. 
Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

4. Claim 4 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 4 is indefinite because the "specific protocol" set forth is unclear and there 
is no specific scope addressed in the specification as to where the "specific" protocol is 
referred (i.e., what is the scope with respect to). 

Examiner notes Applicant's remarks filed on 6/8/2005 assert: "It is clear that the 
scope of the specific protocol as used in the application, comprises an individual 
protocol in a species of protocols other than IP. The adjective specific is used to 
delineate this distinct protocol as opposed to IP, and indicate that this specific protocol 
is relating to or characterizing one protocol of a species". However, Applicant's 
arguments with respect to the subject matter of the instant claims have been fully 
considered but are not persuasive because one with ordinary skill in the art would 
recognize that IP is also considered as one of the well-known and "specific protocols" in 
the field besides the non-IP protocol. 

Accordingly, the claim language "specific protocol" is respectfully requested to be 
corrected by using more specific claim language such as "non-IP protocol" as asserted 
by the Applicant in the remarks filed on 6/8/2005. 
Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraph of 35 U.S.C. 102 that 
forms the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

5. Claims 1, 3-14 and 16-20 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Cheng et al. (U.S. Patent 6823462). 

As per claim 1, 14, 17, 18, 19, and 20, Cheng teaches a method for determining 
secure endpoints of tunnels in a network that uses Internet security protocol (Cheng: 
see for example, Column 7 Line 21 - 15), the method comprising the 
computer-implemented steps of: 

sending from a first network device a first description of network traffic that is to 
be protected (Cheng: Figure 4 & Column 7 Line 35 - 52 and Column 7 Line 23 - 25: 
entities to which network traffic may be directed are referred to as "hosts". Initiator as 
taught by Cheng is equivalent to the 1st network device associated with the source host 
and Responder is equivalent to the 2nd network device associated with the destination 
host), wherein the first description comprises a first set of proxies (Cheng: Column 6 
Line 53 - 65: As defined in the specification, "A description of the types of packets that 
will be protected by the secure tunnel is herein referred to as a proxy" (SPEC: page 3, 
lines 6 - 8). Cheng discloses the security policy describes the characteristics of the 
protection for a particular traffic profile between the nodes establishing the tunnel 
(Cheng: Column 6 Line 53 - 55), which includes what to be protected (Cheng: Column 
6 Line 1-15: the characteristic of the traffic profile described by the security policy, as 
taught by Cheng, is qualified as the proxy to meet the claim language)); 

Application/Control Number: 09/990,814 Page 5 

Art Unit: 2131 

receiving, at the first network device and from a second network device, a 
second description of network traffic that is to be protected (Cheng: see for example, 
Figure 4 & Column 7 Line 35 - 52 and Column 7 Line 23 - 25: Responder is equivalent 
to the 2 nd network device associated with the destination host), wherein the second 
description comprises a second set of proxies (Cheng: see for example, see the same 
rationale as above); 

creating and storing a third description of network traffic that is to be protected 
based on determining a logical intersection of the first description of network traffic and 
the second description of network traffic, (Cheng: Column 6 Line 63 - 65, Column 7 
Line 26 - 30 and Column 8 Line 53 - 55: Cheng teaches establishing a tunnel having a 
tunnel definition by negotiating a common security policy associated with the client and 
the server), wherein the step of creating and storing a third description further 
comprises the step of determining a largest common subset between the first set of 
proxies and the second set of proxies (Cheng: Column 6 Line 63 - 65, Column 7 Line 
26 - 30 and Column 8 Line 53 - 55: the common set of security policy must include and 
anticipate the largest common subset of the intersections (Cheng: Column 6 Line 64)); 
and 
establishing the secure connection between the first network device and the 
second network device based on the third description of network traffic (Cheng: see for 
example, Column 7 Line 26 - 30). 
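The negotiation the claim describes, as an added worked example that is not part of this Office action or of the Cheng patent: each device's description is modelled as a list of proxies (protocol, source and destination subnets and port ranges; the `Proxy` type and the sample addresses are assumptions), and the third description is the set of non-empty pairwise logical intersections, i.e. the largest common subset of the two proxy sets.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_network
from typing import List, Optional, Tuple

PortRange = Tuple[int, int]  # inclusive low/high

@dataclass(frozen=True)
class Proxy:
    """One 'proxy': a description of packets to protect (protocol, addresses, ports)."""
    proto: Optional[int]  # IP protocol number; None means any protocol
    src: IPv4Network
    src_ports: PortRange
    dst: IPv4Network
    dst_ports: PortRange

def _meet_net(a: IPv4Network, b: IPv4Network) -> Optional[IPv4Network]:
    # CIDR blocks either nest or are disjoint, so the intersection is the smaller one.
    if a.subnet_of(b):
        return a
    return b if b.subnet_of(a) else None

def _meet_ports(a: PortRange, b: PortRange) -> Optional[PortRange]:
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else None

def intersect_proxy(p: Proxy, q: Proxy) -> Optional[Proxy]:
    """Logical intersection of two proxies, or None when they share no traffic."""
    if p.proto is not None and q.proto is not None and p.proto != q.proto:
        return None
    src, dst = _meet_net(p.src, q.src), _meet_net(p.dst, q.dst)
    sp, dp = _meet_ports(p.src_ports, q.src_ports), _meet_ports(p.dst_ports, q.dst_ports)
    if None in (src, dst, sp, dp):
        return None
    return Proxy(p.proto if p.proto is not None else q.proto, src, sp, dst, dp)

def third_description(first: List[Proxy], second: List[Proxy]) -> List[Proxy]:
    """Largest common subset: every non-empty pairwise intersection, deduplicated."""
    out: List[Proxy] = []
    for p in first:
        for q in second:
            r = intersect_proxy(p, q)
            if r is not None and r not in out:
                out.append(r)
    return out

# Constructed sample: the initiator offers broad proxies; the responder's ACLs yield narrow ones.
FIRST = [Proxy(None, ip_network("10.1.0.0/16"), (0, 65535), ip_network("10.2.0.0/16"), (0, 65535)),
         Proxy(17, ip_network("10.1.0.0/16"), (0, 65535), ip_network("10.3.0.0/16"), (0, 65535))]
SECOND = [Proxy(6, ip_network("10.1.5.0/24"), (1024, 65535), ip_network("10.2.7.0/24"), (443, 443)),
          Proxy(6, ip_network("10.9.0.0/16"), (0, 65535), ip_network("10.2.0.0/16"), (0, 65535))]
```

With the sample above only TCP from 10.1.5.0/24 (ports 1024-65535) to 10.2.7.0/24 port 443 survives; an empty result means the two devices share no protectable traffic and no tunnel should be established.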

As per claims 3 and 16, Cheng teaches the first description comprises a first 
protocol and the second description comprises a second protocol, and further 
comprising the steps of determining a third protocol for the third description based on 
determining a logical intersection of the first protocol and the second protocol (Cheng: 
Column 6 Line 53 - 58, Column 6 Line 63 - 65, Column 6 Line 5-6 and Column 7 Line 
26 - 30). 

As per claim 4, the claim limitations are met for the same reasons as those set 
forth above in rejecting claim 3 because the result of a third protocol is based upon 
determining a logical intersection of the first protocol and the second protocol. 

As per claim 5, Cheng teaches the first description comprises a packet summary 
value that summarizes packets in the network traffic to be protected, and wherein the 
second description is generated by the second network device based on comparing the 
packet summary value to one or more access control lists that are managed by the 
second network device (Cheng: see for example, Figure 14 & Column 7 Line 46 - 57: 
security policy must fundamentally include access control rules). 
As per claims 6 and 8, Cheng teaches wherein the first description of network 
traffic comprises a packet summary that includes: 

IP protocol information that is associated with the network traffic emanating from 
a source end host, wherein the source end host is associated with the first network 
device (Cheng: Column 7 Line 21 - 30, Column 6 Line 11-15 and Figure 5); 

port information that is associated with the source end host (Cheng: Column 6 
Line 6: port information is part of the Internet Protocol Address - i.e. IP and Port 
address for connection between two nodes); 

port information that is associated with a destination end host, wherein the 
destination end host is associated with the second network device (Cheng: Column 6 
Line 6: port information is part of the Internet Protocol Address - i.e. IP and Port 
address for connection between two nodes); 

an IP address that is associated with the source end host; an IP address that is 
associated with the destination end host (Cheng: Column 6 Line 6: port information is 
part of the Internet Protocol Address - i.e. IP and Port address for connection between 
two nodes); and 

a proxy address of the source end host (Cheng: Column 6 Line 1-15 and 
Column 6 Line 63-65); 

wherein the second description is generated by the second network device 
based on comparing the packet summary to one or more access control lists that are 
managed by the second network device (Cheng: see for example, Column 7 Line 46 - 
57). 
As per claim 7, Cheng teaches determining, at the second network device, 
whether the packet summary matches a security policy information that is associated 
with the second network device; wherein the packet summary is associated with the first 
description of network traffic (Cheng: Column 7 Line 46 - 48). 

As per claim 9, Cheng teaches the Proxy addresses that are associated with the 
destination end host include a first subnet that includes the destination end host and a 
second subnet that includes a source end host, wherein the source end host is 
associated with the first network device (Cheng: Column 6 Line 6, Column 6 Line 11 - 
15 and Column 6 Line 63 - 65: the subnet address is part of the IP network address). 

As per claims 10, 12 and 13, the claim limitations are met for the same reasons as 
those set forth above in rejecting claims 1 and 6. 

As per claim 11, Cheng teaches receiving at the first network device an IP packet 
from a source end host that is associated with the first network device; verifying that the 
IP packet falls within the third description of network traffic (Cheng: Column 6 Line 58 - 
60, Column 7 Line 21 - 30 and Column 7 Line 35 - 52). 
Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Longbit Chai 
Examiner 
Art Unit 2131 

LBC 